Name: Salt Security API Protection Platform
Rating: 8.5 (6 reviews)
Author: Salt Security

Help Desk

Live Chat

Web and Video Conferencing

Customer Support

Flowchart

Development

Association Management

Business Intelligence (BI)

Collaboration

Enterprise Legal Management

Risk Management

Streaming Analytics

Workflow

Enterprise

Accounting

Accounts Receivable

Crypto Asset Management

Crypto Tax

Subscription Management

Finance and Accounting

Applicant Tracking

Corporate Learning Management

Diversity, Equity, and Inclusion (DEI)

HR Management

Payroll

Talent Intelligence

Talent Management

Workforce Analytics

Workforce Management

Human Resources

.Net Development

AI Governance

Cloud Storage

Custom Software Development Services

Data Center Virtualization

Data Fabric

Fraud Detection

IT Service Providers

Identity Verification

Integration Platform as a Service (iPaaS)

Intranet

Load Testing

Managed File Transfer (MFT)

Managed Private Cloud

Network Performance Monitoring

SaaS Management

Software-Defined WAN

System Monitoring

Time Series Databases

User Activity Monitoring

Web Portal

Information Technology

A/B Testing

Ad Serving & Retargeting

All-in-One Marketing

Audio Editing

Content Management

Contest Management

Email Marketing

Gamification

Marketing Automation

Personalization Engines

Press Release Management

Product Sampling

Social Media Management

Survey & Forms Building

Video Editing

Web Analytics

Marketing

Project Management

Professional Services

Customer Relationship Management (CRM)

Lead-to-Account Matching and Routing

Product Configuration

Sales

Architecture

Construction Workforce Management

Inventory Management

Last Mile Delivery

Loan Servicing

Moving Software

Oil and Gas

Physical Therapy

Vertical-Specific

Find top rated software and services based on in-depth reviews from verified users. 400+ software categories including PaaS, NoSQL, BI, HR, and more.

Akamai API Gateway

Akamai

F5 Distributed Cloud Bot Defense

Cloudflare

Azure API Management

Microsoft

Microsoft Defender for Cloud

F5 Distributed Cloud API Security

Boomi

IBM API Connect

Layer7 API Security

Broadcom

Apigee Sense

Google

Noname Security

Cequence Security

Apigee Edge

MuleSoft Anypoint Platform

NGINX

Kubernetes

Docker

Gigamon GigaVUE Cloud Suite™

Atlassian Jira

ServiceNow Security Operations

Slack

Snowflake

Sumo Logic

PagerDuty

### API Security
Users consistently highlight Salt Security API Protection Platform's exceptional ability to identify and mitigate potential attacks on APIs, providing a strong defense mechanism against threats. The platform's capacity to detect attacks, protect sensitive data, and prevent unauthorized access through APIs is widely acknowledged by reviewers. Additionally, users appreciate the platform's feature set that aids in understanding and controlling the flow of data within their API infrastructure. Salt Security API Protection Platform's reputation for enhancing API security and safeguarding against various attack vectors is well-established among its user base. (Source Reviews: [1](https://www.trustradius.com/reviews/salt-security-api-protection-platform-2022-04-14-13-02-18), [2](https://www.trustradius.com/reviews/salt-security-api-protection-platform-2022-04-12-15-02-23), [3](https://www.trustradius.com/reviews/salt-security-api-protection-platform-2022-04-09-07-28-32), [4](https://www.trustradius.com/reviews/salt-security-api-protection-platform-2022-04-12-14-35-26), [5](https://www.trustradius.com/reviews/salt-security-api-protection-platform-2021-09-20-11-43-47), [6](https://www.trustradius.com/reviews/salt-security-api-protection-platform-2021-08-14-11-43-44))

### API Endpoint Management
User feedback on Salt Security API Protection Platform's API endpoint management functionality varies. Some users praise the platform for its ability to provide visibility on API traffic, allowing proactive identification of potential threats and vulnerabilities within a large number of endpoints. Others appreciate how Salt Security API Protection Platform assists in tracking and managing API endpoints, especially in scenarios where teams frequently create and modify endpoints. However, there are also mixed opinions on the platform's effectiveness in identifying and managing APIs within custom-developed applications. This diversity in user experiences highlights the nuanced nature of Salt Security API Protection Platform's API endpoint management capabilities. (Source Reviews: [1](https://www.trustradius.com/reviews/salt-security-api-protection-platform-2022-04-09-07-28-32), [2](https://www.trustradius.com/reviews/salt-security-api-protection-platform-2022-04-12-14-35-26), [3](https://www.trustradius.com/reviews/salt-security-api-protection-platform-2021-09-20-11-43-47))

### API Documentation and Visibility
Reviewers have expressed a mix of opinions regarding the API documentation and visibility features of the Salt Security API Protection Platform. While some users find the platform's capabilities in identifying PII and discrepancies between API traffic and documentation beneficial, others have highlighted the need for more flexible reporting options and improvements in API documentation clarity. It appears that the platform's API documentation and visibility functionalities have both strengths and areas for enhancement, reflecting a nuanced user perspective on these aspects. (Source Reviews: [1](https://www.trustradius.com/reviews/salt-security-api-protection-platform-2022-04-09-07-28-32), [2](https://www.trustradius.com/reviews/salt-security-api-protection-platform-2022-04-12-14-35-26))

### Traffic Monitoring and Control
Users consistently highlight Salt Security API Protection Platform's traffic monitoring and control as a standout feature, enabling proactive identification of potential threats, including PII exposure and deviations between API traffic and documentation. The platform's ability to provide insights on traffic analysis, potential attackers, and necessary improvements has been well-received by reviewers. Despite some concerns about access to all API requests and responses, users appreciate the platform's constant monitoring for possible attacks based on API consumption baselines. Additionally, the integration with SOC/SIEM tools for incident response support has been commended for facilitating faster response times and aiding in investigations related to attacks and data flow control. (Source Reviews: [1](https://www.trustradius.com/reviews/salt-security-api-protection-platform-2022-04-09-07-28-32), [2](https://www.trustradius.com/reviews/salt-security-api-protection-platform-2022-04-14-13-02-18), [3](https://www.trustradius.com/reviews/salt-security-api-protection-platform-2022-04-12-14-35-26), [4](https://www.trustradius.com/reviews/salt-security-api-protection-platform-2022-04-12-15-02-23), [5](https://www.trustradius.com/reviews/salt-security-api-protection-platform-2021-08-14-11-43-44))

### Monitoring, Alerting, and Insights
Users consistently highlight Salt Security API Protection Platform's monitoring, alerting, and insights features as key strengths of the platform. They appreciate the platform's ability to provide visibility into API traffic, proactively identify potential threats, and offer actionable insights for improving security measures. The alerting system, in particular, is praised for its effectiveness in flagging suspicious behaviors and potential attacks. Additionally, users find the platform's monitoring capabilities valuable for tracking API traffic and identifying areas for enhancement. The integration with SDLC further enhances the overall monitoring and alerting experience for users. (Source Reviews: [1](https://www.trustradius.com/reviews/salt-security-api-protection-platform-2022-04-14-13-02-18), [2](https://www.trustradius.com/reviews/salt-security-api-protection-platform-2022-04-09-07-28-32), [3](https://www.trustradius.com/reviews/salt-security-api-protection-platform-2022-04-12-14-35-26), [4](https://www.trustradius.com/reviews/salt-security-api-protection-platform-2021-08-14-11-43-44))

### Incident Response and Reporting
User feedback on Salt Security API Protection Platform's incident response and reporting capabilities varies across reviews. While some users appreciate the platform's detailed attacks reporting and integration with SOC/SIEM tools for faster incident response, others express concerns about the lack of flexibility in obtaining information and the need for more robust reporting functionality. The platform's ability to support investigations and provide data for sensitive data flow control is acknowledged, but there are suggestions for improvements in terms of exporting detailed data, filtering options in the attackers' dashboard, and enhancing the OAS analysis for a more comprehensive view of identified issues. (Source Reviews: [1](https://www.trustradius.com/reviews/salt-security-api-protection-platform-2022-04-12-15-02-23), [2](https://www.trustradius.com/reviews/salt-security-api-protection-platform-2022-04-09-07-28-32), [3](https://www.trustradius.com/reviews/salt-security-api-protection-platform-2021-08-14-11-43-44), [4](https://www.trustradius.com/reviews/salt-security-api-protection-platform-2022-04-12-14-35-26))

Difficult Customized Deployments: Some users have found the process of setting up customized deployments to be challenging. They have encountered difficulties in configuring and implementing their specific requirements, which has resulted in frustration and delays.

Reporting Functionality Needs Improvement: Several reviewers have mentioned that the reporting functionality across the enterprise needs enhancement, not just in specific environments. Users have expressed a need for more comprehensive and robust reporting capabilities, including customizable reports, advanced analytics, and seamless integration with other systems.

Lack of Access to API Requests and Responses: A number of users have expressed a desire for access to requests and responses from all APIs, not just those related to attacks. They feel that having visibility into all API activities would allow them to better monitor and analyze potential threats or vulnerabilities.

Easy Deployment: Multiple users have expressed their appreciation for the easy deployment process of the product, which allowed them to set it up smoothly and without any hassle.

Excellent Visibility into API Activity: Many reviewers have specifically mentioned that the product offers excellent visibility into activity on APIs. This feature enables them to easily track and monitor how their APIs are being used.

Valuable Insights into Inventory: Some users have found great value in the product's ability to provide insights into their inventory. By using this tool, they were able to discover items that they were previously unaware of, resulting in a better understanding of their inventory.

The Salt Security API Protection Platform has been widely deployed across enterprises to gain better visibility into all APIs used, including those in different cloud architectures and both in-house and third-party applications. Users have found this platform helpful for inventorying APIs and detecting attacks and unauthorized data access through these APIs. By providing a realistic view of the entire API infrastructure and the potential threats these APIs face, Salt Security API Protection Platform allows users to respond faster and more appropriately to potential attacks that exploit APIs as an attack vector. This platform addresses the need for visibility and control over the APIs being used and how they are consumed.

One key use case of the Salt Security API Protection Platform is to identify anomalies and support incident response. The platform integrates with SOC/SIEM tools to report detected attacks, facilitating investigations and faster incident response. Customers have implemented this platform in their in-house developed applications to identify and protect publicly accessible APIs. Salt Security API Protection Platform provides valuable information about data consumption via APIs and call management at application endpoints, considering PII tracking and access patterns of potential attackers. Users report productivity gains from the alerts generated and the intelligence provided by Salt Security API Protection Platform in analyzing vulnerabilities and threats. Additionally, the platform offers visibility into API traffic, enabling proactive identification of PII, discrepancies between API documentation and real traffic, potential attackers, as well as suggestions for countermeasures and improvements such as missing HTTP headers or endpoints lacking authorization. Customers appreciate that Salt Security API Protection Platform allows them to gain insights into their API traffic, which would be challenging without the platform given the number of endpoints and traffic volume.

F5 Distributed Cloud Bot Defense (formerly Shape Defense, acquired January 2020) provides security to protect a website from bots, fake users, and unauthorized transactions, preventing large scale fraud and eroded user experiences. Companies get visibility, detection and mitigation outcomes to reduce fraud and cloud hosting, bandwidth and compute costs, improve user experiences, and optimize their business based on real human traffic.

Salt Security API Protection Platform

API Security

Likelihood to Recommend

Salt
Security protects the APIs that form the core of every modern application. Its
API Protection Platform is the industry’s first
patented solution to prevent the next generation of API attacks, using machine
learning and AI to automatically and continuously identify and protect APIs.
Deployed in minutes, the Salt Security platform learns the granular behavior of
an organization’s APIs and requires no configuration or customization to
pinpoint and block API attackers.

Salt Security

Secures network with these features and tools offered by API Security.

Authentication and Authorization

Ensures that only authorized users or clients can access the API, and that users have the appropriate permissions to perform specific actions.

Data Protection

Protects the data in transit between the API and the client by encrypting it using secure protocols such as SSL/TLS.

Rate Limiting

Limits the number of requests that can be made to the API within a certain time period, preventing abuse and ensuring fair usage for all users.

Audit Logging

Records all API activity, including authentication attempts, access requests, and data modifications, for compliance and troubleshooting purposes.

Input Validation

Validates and sanitizes user input to prevent common attack vectors such as SQL injection, cross-site scripting, and command injection.

Content Filtering

Scans the content of API requests and responses for potentially malicious or unwanted content, such as malware or sensitive data, to prevent data leakage and protect against attacks.

Denial of Service (DoS) Protection

Mitigates DoS attacks by monitoring the API traffic for suspicious patterns and blocking or rate limiting requests from potential malicious sources.

Security Notification and Alerts

Sends real-time notifications and alerts when security events or anomalies are detected, allowing prompt investigation and response to potential threats

API Key Management

Provides mechanisms to generate, manage, and revoke API keys or tokens that are used for authentication and access control.

Cross-origin Resource Sharing (CORS) Protection

Enforces restrictions on cross-origin requests, preventing unauthorized access to resources on the API server from web pages served by other domains.

Security Specialist

Salt Security API Protection Platform 2022-04-14 13:02:18

Senior Security Analyst

Salt Security API Protection Platform 2022-04-12 15:02:23

Director, IT Security

Salt Security API Protection Platform 2021-08-14 11:43:44

Salt Security API Protection Platform 2022-04-12 14:35:26

Salt Security API Protection Platform 2022-04-09 07:28:32

TrustRadius is a technology and business research firm based in Austin, Texas. The company is known as a review platform for verified B2B technology and software reviews through a proprietary algorithm and human verification.

TrustRadius

Reporting functionality

Ways to get

Get information

Api documentation

Options for exporting

Detailed data

Detailed view

Easy deployment

Sensitive information

Sensitive data

Data mapping

Home

API Security Tools

We use Salt to have a realistic view of the entire API infrastructure and possible threats to which these APIs are being subjected. We were able to have a faster and more appropriate response to potential attacks that use APIs as an attack vector. Salt addresses the need to have visibility and control over what APIs we have and how these APIs are being consumed. I consider Salt a precious platform for security teams considering the massive and constant increase in the use of APIs in the architecture of new applications.

Detect possible attacks on APIs
Gain visibility into all APIs in your infrastructure

Access to requests and responses from all APIs (baseline), not only those related to attacks

Constant monitoring and alert for possible attacks based on API consumption baseline

Salt can positively impact the API availability SLA by helping to accelerate the detection of attacks that can compromise the availability of your infrastructure.

Use Case: Identify anomalies and support incident response. Salt Security API Protection Platform security is integrated with SOC/SIEM tools, reporting the found attacks in order to investigate and respond. The purpose is to have a faster incident response and provide data that supports attacks investigations and sensitive data flow control.

Sensitive data mapping
Detailed Attacks Reporting
Integration with SOC/SIEM tools

The platform could have more options for exporting detailed data from attackers' dashboards.
The Attackers dashboard could also have more options of filters in order to support the investigations of the attack.
The OAS analysis could present a more detailed view of the found issues.

Detailed Attacks information
Integration with SOC/SIEM Tools
Senstive data control

Salt Security API Protection Platform has provided detailed information that is helping us to identify and investigate attacks in our environment

We have deployed Salt [Security API Protection Platform] across the entire enterprise to have better visibility around all of our APIs. This is including several different cloud architectures and both in house and 3rd party applications. Salt [Security API Protection Platform] has helped us inventory our APIs and see any attacks and type of data being accessed through these APIs.

Easy deployment
Excellent visibility into activity on APIs
Inventory! It helps you find things you didn't know you had

Some customized deployments can be difficult
Reporting functionality across the enterprise and not just per environment needs improved
Better attack handling options needed

Inventory
API monitoring
SDLC integration

The inventory of API assets and volume of calls was not available previously

We use a Salt Security API Protection Platform as our provider of information about data consumption via API and call management at application end-points, considering PII tracking and access patterns of eventual attackers (by IP address, authorization type, etc). In addition, Salt Security API Protection Platform provides us with a productivity gain related to the alerts generated and intelligence embedded in the analysis of possible vulnerabilities or threats.

List of Apis callers
Alert triagens about suspicious behaviors
PII identificaton

Consolidation reports about Apis accessing profiles.
Swagger to programming Apis.

Alertting
Attack identification
PII identification

Productivity
Acuracy
Management of volume calls

Salt provides visibility on our API traffic, allowing us to proactively identify PII, differences in API documentation (swagger files) and real traffic, alerts in situations that indicate a potential attacker allowing us to take countermeasures and suggestions on improvements (missing important HTTP headers, endpoints lacking authorization, etc.). Given the number of endpoints we have and the traffic we have would be really difficult to get these insights without Salt.

PII identification in API traffic.
Divergence between API traffic and documentation (swagger files).
Potential attacks with information to take counter measures.

Reporting - more flexible ways to get information.
API documentation in order to interact with the platform.

PII identification.
Traffic analysis to get insights on improvements and potential attackers.

Helped to keep us compliant with most privacy regulations.

Salt Security API Protection Platform

Overview

What is Salt Security API Protection Platform?